我试过寻找一个解决方案,我对php非常陌生,虽然我已经看过了,但似乎没有一个解决方案可以帮助格式化数据。
我不太关心sql注入和安全性,因为这是一个任务交,只是一些关于如何得到我需要的结果的建议。
我有一个网页,我想在数据库中搜索关键字,但也可选我想添加一个时间框架搜索。
例如,我可以使用文本搜索来搜索姓名、医生、病情和药物,但我也可以选择(因为我希望能够在不使用日期限制的情况下进行搜索)使用搜索appdatefrom和appdateto来缩小预约日期。
我到那儿去了
sql错误:您的sql语法有错误;请查看与您的mariadb服务器版本相对应的手册,以获取在第5行“where visitdate between'2001-01-01'and'2015-01-01'order by visitdate asc”附近使用的正确语法
目前在数据库中,我的访问日期格式为2014-04-20 01:23:43
我发现这很难做到,由于时间戳格式。
数据库如下所示。不知为什么我不能和xamp一起得到一个好的erd?所以我创造了一个。
访问表架构
数据库架构
页面代码如下。
<?php // Include config fileinclude("$_SERVER[DOCUMENT_ROOT]/freddies/inc/config.php");include("$_SERVER[DOCUMENT_ROOT]/freddies/inc/functions.php");include("$_SERVER[DOCUMENT_ROOT]/freddies/inc/header.php");$sql = "SELECT patient.fName AS fname, patient.sName AS surname, doctor.sName AS doc, conditions.con_name AS con, drugs.medication AS meds, visit.visitdate, visit.visit_id AS visitid FROM visitJOIN patient ON visit.patient_id = patient.patient_idJOIN doctor ON visit.doctor_id = doctor.doctor_idLEFT JOIN conditions ON visit.con_id = conditions.con_idLEFT JOIN drugs ON visit.drugs_id = drugs.med_id";if (isset($_POST['search'])) {$search_term = ($_POST['searchapp']);$appdatefrom = ($_POST['appdatefrom']);$appdateto = ($_POST['appdateto']);$sql .= " WHERE patient.fName LIKE '%".$search_term."%'";$sql .= " OR patient.sName LIKE '%".$search_term."%'";$sql .= " OR doctor.sName LIKE '%".$search_term."%'";$sql .= " OR conditions.con_name LIKE '%".$search_term."%'";$sql .= " OR drugs.medication LIKE '%".$search_term."%'";$sql .= " WHERE visitdate BETWEEN '".$appdatefrom."' and '".$appdateto."'";$sql .= " ORDER BY visitdate ASC";}$query = mysqli_query($db, $sql);if (!$query) {die ('SQL Error: ' . mysqli_error($db));}?><body><div class="container"><br><br><?php include("$_SERVER[DOCUMENT_ROOT]/freddies/inc/logo.html"); ?><h2>APPOINTMENTS</h2><p>Search Recent Appointments:</p><form name="searchform" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="multipart/form-data"><div class="form-group row"><div class="col-xs-4"><label>Search for Patient, Doctor, Medication or Condition</label><input type="text" class="form-control" name="searchapp" placeholder="Example. Dr Mears, Tonsillitis, Vimovo, Andrew" required><br></div><div class="col-xs-4"><label>Date From:</label><input type="date" class="form-control" name="appdatefrom"><br></div><div class="col-xs-4"><label>Date To:</label><input type="date" class="form-control" name="appdateto"><br></div><div class="col-xs-4"><input type="submit" class="btn btn-primary" name="search" value="Submit"><span class="help-block"></span></div></div><table class="table table-striped"><thead><tr><th>Patient Name</th><th>Doctor</th><th>Condition</th><th>Medication Prescribed</th><th>Visit ID</th><th>Date</th><th></th></tr></thead><tbody><?php$no = 1;$total = 0;while ($row = mysqli_fetch_array($query)){echo '<tr><td>'.$row['fname']." ".$row['surname'].'</td><td>'."Dr ".$row['doc'].'</td><td>'.$row['con'].'</td><td>'.$row['meds'].'</td><td>'.$row['visitid'].'</td><td>'.$row['visitdate'].'</td><td><a href="viewapp.php?id='.($row['visitid']).'" class="btn btn-warning pull-right btn-xs">View</a></td><td><a href="delapp.php?id='.($row['visitid']).'" class="btn btn-danger pull-right btn-xs">Delete</a></td></tr>';$no++;}?></tbody></table><a href="newapp.php" class="btn btn-success pull-left">New Appointment</a><a href="" class="btn btn-info pull-left">Refesh</a><a href="../" class="btn btn-info pull-right">Admin Area</a></div><div class="bottompadding"></div><?php include("$_SERVER[DOCUMENT_ROOT]/freddies/inc/footer.php"); ?></body></html>
在查看给出的答案后,在代码中添加parenthasis会阻止它工作,它当前是这样工作的,但是没有日期搜索?
这是网站目前的样子。当输入我的姓氏时,它会显示我的结果,但如果我想在两个日期之间搜索,它就什么都不做。屏幕截图
<?php // Include config fileinclude("$_SERVER[DOCUMENT_ROOT]/freddies/inc/config.php");include("$_SERVER[DOCUMENT_ROOT]/freddies/inc/functions.php");include("$_SERVER[DOCUMENT_ROOT]/freddies/inc/header.php");$sql = "SELECT patient.fName AS fname, patient.sName AS surname, doctor.sName AS doc, conditions.con_name AS con, drugs.medication AS meds, visit.visitdate, visit.visit_id AS visitid FROM visitJOIN patient ON visit.patient_id = patient.patient_idJOIN doctor ON visit.doctor_id = doctor.doctor_idLEFT JOIN conditions ON visit.con_id = conditions.con_idLEFT JOIN drugs ON visit.drugs_id = drugs.med_id";if (isset($_POST['search'])) {$search_term = ($_POST['searchapp']);$appdatefrom = ($_POST['appdatefrom']);$appdateto = ($_POST['appdateto']);$sql .= " WHERE patient.fName LIKE '%".$search_term."%'";$sql .= " OR patient.sName LIKE '%".$search_term."%'";$sql .= " OR doctor.sName LIKE '%".$search_term."%'";$sql .= " OR conditions.con_name LIKE '%".$search_term."%'";$sql .= " OR drugs.medication LIKE '%".$search_term."%'";$sql .= " AND visitdate BETWEEN '".$appdatefrom."' and '".$appdateto."'";$sql .= " ORDER BY visitdate ASC";}$query = mysqli_query($db, $sql);if (!$query) {die ('SQL Error: ' . mysqli_error($db));}?><body><div class="container"><br><br><?php include("$_SERVER[DOCUMENT_ROOT]/freddies/inc/logo.html"); ?><h2>APPOINTMENTS</h2><p>Search Recent Appointments:</p><form name="searchform" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="multipart/form-data"><div class="form-group row"><div class="col-xs-4"><label>Search for Patient, Doctor, Medication or Condition</label><input type="text" class="form-control" name="searchapp" placeholder="Example. Dr Mears, Tonsillitis, Vimovo, Andrew" required><br></div><div class="col-xs-4"><label>Date From:</label><input type="date" class="form-control" name="appdatefrom"><br></div><div class="col-xs-4"><label>Date To:</label><input type="date" class="form-control" name="appdateto"><br></div><div class="col-xs-4"><input type="submit" class="btn btn-primary" name="search" value="Submit"><span class="help-block"></span></div></div><table class="table table-striped"><thead><tr><th>Patient Name</th><th>Doctor</th><th>Condition</th><th>Medication Prescribed</th><th>Visit ID</th><th>Date</th><th></th></tr></thead><tbody><?php$no = 1;$total = 0;while ($row = mysqli_fetch_array($query)){echo '<tr><td>'.$row['fname']." ".$row['surname'].'</td><td>'."Dr ".$row['doc'].'</td><td>'.$row['con'].'</td><td>'.$row['meds'].'</td><td>'.$row['visitid'].'</td><td>'.$row['visitdate'].'</td><td><a href="viewapp.php?id='.($row['visitid']).'" class="btn btn-warning pull-right btn-xs">View</a></td><td><a href="delapp.php?id='.($row['visitid']).'" class="btn btn-danger pull-right btn-xs">Delete</a></td></tr>';$no++;}?></tbody></table><a href="newapp.php" class="btn btn-success pull-left">New Appointment</a><a href="" class="btn btn-info pull-left">Refesh</a><a href="../" class="btn btn-info pull-right">Admin Area</a></div><div class="bottompadding"></div><?php include("$_SERVER[DOCUMENT_ROOT]/freddies/inc/footer.php"); ?></body></html>
1条答案
按热度按时间cuxqih211#
每个查询只能有一个where子句。如果要将日期范围与搜索结合使用,请将和与一组带圆括号的或条件一起使用。
使用括号将指定
a AND b OR c OR d将被评估为a AND (b OR c OR d)而不是(a AND b) OR c OR d.